· 6 years ago · Feb 18, 2019, 03:04 PM
1provider "aws" {
2 access_key = "${var.access_key}"
3 secret_key = "${var.secret_key}"
4 region = "eu-west-3"
5}
6
7resource "aws_instance" "subteno-preprod" {
8 ami = "${lookup(var.amis, var.region)}"
9 instance_type = "t2.micro"
10 key_name = "deployer-key"
11 security_groups = [
12 "${aws_security_group.odoo.name}"
13 ]
14
15 tags = {
16 Name = "Subteno Preprod"
17 }
18
19 provisioner "local-exec" {
20 command = "echo ${aws_instance.subteno-preprod.public_ip} > output/ip_address.txt"
21 }
22
23 provisioner "file" {
24 source = "scripts/install.sh"
25 destination = "/home/admin/install.sh"
26
27 connection {
28 type = "ssh"
29 user = "admin"
30 private_key = "${file("../conf/keys/subteno/subteno-deployer")}"
31 }
32 }
33
34 provisioner "file" {
35 source = "scripts/lvcreate.sh"
36 destination = "/home/admin/lvcreate.sh"
37
38 connection {
39 type = "ssh"
40 user = "admin"
41 private_key = "${file("../conf/keys/subteno/subteno-deployer")}"
42 }
43 }
44
45 provisioner "remote-exec" {
46 inline = [
47 "sudo chmod +x /home/admin/install.sh",
48 "sudo /home/admin/install.sh",
49 "sudo /etc/init.d/salt-minion start",
50 ]
51
52 connection {
53 type = "ssh"
54 user = "admin"
55 private_key = "${file("../conf/keys/subteno/subteno-deployer")}"
56 }
57 }
58
59}
60
61resource "aws_ebs_volume" "subteno-preprod-volume" {
62 availability_zone = "eu-west-3c"
63 size = 60
64
65 depends_on = ["aws_instance.subteno-preprod"]
66
67 tags = {
68 Name = "Subteno Preprod"
69 }
70
71}
72
73resource "aws_volume_attachment" "subteno-preprod-ebs_att" {
74 device_name = "/dev/sdb"
75 volume_id = "${aws_ebs_volume.subteno-preprod-volume.id}"
76 instance_id = "${aws_instance.subteno-preprod.id}"
77
78 depends_on = ["aws_instance.subteno-preprod"]
79
80}
81
82resource "aws_key_pair" "deployer" {
83 key_name = "deployer-key"
84 public_key = "${file("../conf/keys/subteno/subteno-deployer.pub")}"
85
86}
87
88resource "aws_security_group" "allow_all" {
89 name = "allow_all"
90 description = "Allow all inbound traffic"
91
92 ingress {
93 from_port = 0
94 to_port = 0
95 protocol = "-1"
96 cidr_blocks = ["0.0.0.0/0"]
97 }
98
99 egress {
100 from_port = 0
101 to_port = 0
102 protocol = "-1"
103 cidr_blocks = ["0.0.0.0/0"]
104 }
105}
106
107resource "aws_security_group" "odoo" {
108 name = "odoo"
109 description = "Allow only needed rules for odoo instance"
110
111 /////////////////////
112 //// INCOMING TRAFFIC
113 /////////////////////
114
115 ingress {
116 from_port = 22
117 to_port = 22
118 protocol = "tcp"
119 cidr_blocks = ["0.0.0.0/0"]
120 }
121
122 ingress {
123 from_port = 80
124 to_port = 80
125 protocol = "tcp"
126 cidr_blocks = ["0.0.0.0/0"]
127 }
128
129 ingress {
130 from_port = 443
131 to_port = 443
132 protocol = "tcp"
133 cidr_blocks = ["0.0.0.0/0"]
134 }
135
136 ingress {
137 from_port = 4505
138 to_port = 4506
139 protocol = "tcp"
140 cidr_blocks = ["0.0.0.0/0"]
141 }
142
143 ingress {
144 from_port = 8169
145 to_port = 8171
146 protocol = "tcp"
147 cidr_blocks = ["0.0.0.0/0"]
148 }
149
150 /////////////////////
151 //// END
152 /////////////////////
153
154 egress {
155 from_port = 0
156 to_port = 0
157 protocol = "-1"
158 cidr_blocks = ["0.0.0.0/0"]
159 }
160}
161
162resource "null_resource" "create-volumes" {
163
164 depends_on = ["aws_volume_attachment.subteno-preprod-ebs_att"]
165
166 connection {
167 user = "admin"
168 host = "${aws_instance.subteno-preprod.public_ip}"
169 }
170
171 provisioner "remote-exec" {
172 inline = [
173 "sudo chmod +x /home/admin/lvcreate.sh",
174 "sudo /home/admin/lvcreate.sh",
175 ]
176 }
177}